Per Gustav Ousdal" <[EMAIL PROTECTED]> asks:
>Does anyone have any information on, or pointers to resources documenting
>successful attacks on "good" (can't be to good, huh?) firewall
>implementations?
The biggest problems I've seen with firewalls (even "good" ones)
have to do with the "incoming traffic problem" - in which some
kind of traffic is allowed to a system behind the firewall, which
is then compromised via that traffic. See:
http://www.clark.net/pub/mjr/pubs/debate/sld012.htm
for an illustration of what's going on. With the way that most
firewalls work, and most sites deploy them, breaking into the
firewall itself would be unnecessarily hard compared to the
difficulty of breaking into a web server, exchange server, notes
server, whatever behind it.
mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
